Phishing Threats and Cybersecurity: How to Protect?
As Americans engage in major activities such as the 2024 presidential race, large-scale cultural festivals, and high-profile sporting events, cybersecurity will be on high alert.…
Category: CyberSecurityNews
Threat Actors Exploiting SMBs Using List of Popular Productivity Tools
Due to their widespread use, popular productivity tools are often targeted and attacked by hackers. These tools create a large attack surface area and offer…
Operation ShadowCat Using Weaponized Office document To Attack Users In India
Researchers identified a new attack campaign (“Operation ShadowCat”) using malicious LNK files distributed via spam emails, which triggers a PowerShell script that drops a .NET…
Threat Actors Using OS Command Injection Vulnerabilities To Compromise Systems
By exploiting OS command injection vulnerabilities, threat actors can run arbitrary commands on a host operating system to obtain unauthorized access, control, and the power…
Hackers Exploiting MSHTML vulnerability Deliver Atlantida Malware
Void Banshee, a threat actor, has been exploiting a critical MSHTML vulnerability, CVE-2024-38112, to distribute the Atlantida InfoStealer malware. This sophisticated campaign has targeted unsuspecting…
Spyware Provider for Windows, Mac & Android Hacked, Sensitive Data Exposed
TechCrunch has learned that Spytech, a little-known spyware maker based in Minnesota, has been hacked, exposing sensitive data from thousands of devices worldwide. The breach…
RADIUS Protocol Vulnerability Impacted Multiple Cisco Products
A critical vulnerability in the Remote Authentication Dial-In User Service (RADIUS) protocol has been disclosed, affecting multiple Cisco products. The vulnerability, CVE-2024-3596, allows an on-path…
CrowdStrike Outage Leads to Estimated Financial Loss of $5.4 Billion
A recent global IT outage linked to CrowdStrike, a leading cybersecurity company, has resulted in an estimated $5.4 billion in direct financial losses for Fortune…
Hackers Use Microsoft Forms for Two-Step Phishing Attacks
Cybercriminals are increasingly using Microsoft Office Forms to launch sophisticated two-step phishing attacks. At present, certain individuals are being tricked into divulging their Microsoft 365…
Threat Actors Exploiting Selenium Grid Services For Cryptomining
Threat actors often exploit the cloud services for cryptomining, as doing so allows them to abuse the huge computational resources available. This enables them to…
Beware Of Malicious Chrome Installer From Chinese Hackers
A malicious Chrome installer, ChromeSetup.msi, distributed via drive-by download, delivers a novel Gh0st RAT variant, dubbed Gh0stGambit, that evasively retrieves and executes encrypted payloads. The…
ServiceNow Flaw Let Remote Attackers Execute Arbitrary Code
ServiceNow recently disclosed three critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178) affecting multiple Now Platform versions, allowing unauthenticated remote code execution and unauthorized file access. The…